package com.kedacom.ctsp.authz.oauth2.client.service;

import com.kedacom.ctsp.authz.oauth2.core.AccessTokenRequest;
import com.kedacom.ctsp.authz.oauth2.core.OAuth2Authentication;
import com.kedacom.ctsp.authz.oauth2.core.vo.AccessToken;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.UnsupportedEncodingException;

public interface OAuth2Service {

    /**
     * 向SSO站点申请访问令牌
     *
     * @param response
     * @return
     */
    String authorize(HttpServletRequest request, HttpServletResponse response) throws Exception;

    /**
     * 检查认证服务器回传过来的state是否与客户端传过去的一致，防止CSRF攻击
     *
     * @param request
     * @param response
     * @param state
     * @return
     */
    Boolean checkState(HttpServletRequest request, HttpServletResponse response, String state);


    /**
     * 根据token获取用户信息
     *
     * @param accessToken
     * @return
     */
    OAuth2Authentication getAuthenticationByAccessToken(AccessToken accessToken);

    AccessToken applyForAuthorizationCode(String code) throws UnsupportedEncodingException;

    AccessToken applyForPassword(String username, String password);

    AccessToken applyForClientCredential();

    AccessToken applyForRefreshToken(String refreshToken);

    AccessToken applyForAccessToken(AccessTokenRequest request);
}
